Zdenek Dohnal 3673c5
diff -up cups-2.2.4/man/cupsd.conf.man.in.privilege-escalation cups-2.2.4/man/cupsd.conf.man.in
Zdenek Dohnal 3673c5
--- cups-2.2.4/man/cupsd.conf.man.in.privilege-escalation	2017-06-30 17:44:38.000000000 +0200
Zdenek Dohnal 3673c5
+++ cups-2.2.4/man/cupsd.conf.man.in	2018-07-23 14:57:44.562873692 +0200
Zdenek Dohnal 3673c5
@@ -377,10 +377,6 @@ The following percent sequences are reco
Zdenek Dohnal 3673c5
 .fi
Zdenek Dohnal 3673c5
 The default is the empty string, which disables page logging.
Zdenek Dohnal 3673c5
 The string "%p %u %j %T %P %C %{job-billing} %{job-originating-host-name} %{job-name} %{media} %{sides}" creates a page log with the standard items.
Zdenek Dohnal 3673c5
-.\"#PassEnv
Zdenek Dohnal 3673c5
-.TP 5
Zdenek Dohnal 3673c5
-\fBPassEnv \fIvariable \fR[ ... \fIvariable \fR]
Zdenek Dohnal 3673c5
-Passes the specified environment variable(s) to child processes.
Zdenek Dohnal 3673c5
 .\"#Policy
Zdenek Dohnal 3673c5
 .TP 5
Zdenek Dohnal 3673c5
 \fB<Policy \fIname\fB> \fR... \fB</Policy>\fR
Zdenek Dohnal 3673c5
@@ -466,10 +462,6 @@ Specifies what information is included i
Zdenek Dohnal 3673c5
 command.
Zdenek Dohnal 3673c5
 "Full" reports "CUPS 2.0.0 (UNAME) IPP/2.0".
Zdenek Dohnal 3673c5
 The default is "Minimal".
Zdenek Dohnal 3673c5
-.\"#SetEnv
Zdenek Dohnal 3673c5
-.TP 5
Zdenek Dohnal 3673c5
-\fBSetEnv \fIvariable value\fR
Zdenek Dohnal 3673c5
-Set the specified environment variable to be passed to child processes.
Zdenek Dohnal 3673c5
 .\"#SSLListen
Zdenek Dohnal 3673c5
 .TP 5
Zdenek Dohnal 3673c5
 \fBSSLListen \fIipv4-address\fB:\fIport\fR
Zdenek Dohnal 3673c5
diff -up cups-2.2.4/man/cups-files.conf.man.in.privilege-escalation cups-2.2.4/man/cups-files.conf.man.in
Zdenek Dohnal 3673c5
--- cups-2.2.4/man/cups-files.conf.man.in.privilege-escalation	2018-07-23 14:19:08.661479271 +0200
Zdenek Dohnal 3673c5
+++ cups-2.2.4/man/cups-files.conf.man.in	2018-07-23 14:53:55.198731082 +0200
Zdenek Dohnal 3673c5
@@ -159,6 +159,11 @@ The server name may be included in filen
Zdenek Dohnal 3673c5
 
Zdenek Dohnal 3673c5
 .fi
Zdenek Dohnal 3673c5
 The default is "/var/log/cups/page_log".
Zdenek Dohnal 3673c5
+.\"#PassEnv
Zdenek Dohnal 3673c5
+.TP 5
Zdenek Dohnal 3673c5
+\fBPassEnv \fIvariable \fR[ ... \fIvariable \fR]
Zdenek Dohnal 3673c5
+Passes the specified environment variable(s) to child processes.
Zdenek Dohnal 3673c5
+Note: the standard CUPS filter and backend environment variables cannot be overridden using this directive.
Zdenek Dohnal 3673c5
 .\"#RemoteRoot
Zdenek Dohnal 3673c5
 .TP 5
Zdenek Dohnal 3673c5
 \fBRemoteRoot \fIusername\fR
Zdenek Dohnal 3673c5
@@ -193,6 +198,11 @@ macOS uses its keychain database to stor
Zdenek Dohnal 3673c5
 \fBServerRoot \fIdirectory\fR
Zdenek Dohnal 3673c5
 Specifies the directory containing the server configuration files.
Zdenek Dohnal 3673c5
 The default is "/etc/cups".
Zdenek Dohnal 3673c5
+.\"#SetEnv
Zdenek Dohnal 3673c5
+.TP 5
Zdenek Dohnal 3673c5
+\fBSetEnv \fIvariable value\fR
Zdenek Dohnal 3673c5
+Set the specified environment variable to be passed to child processes.
Zdenek Dohnal 3673c5
+Note: the standard CUPS filter and backend environment variables cannot be overridden using this directive.
Zdenek Dohnal 3673c5
 .\"#SyncOnClose
Zdenek Dohnal 3673c5
 .TP 5
Zdenek Dohnal 3673c5
 \fBSyncOnClose Yes\fR
Zdenek Dohnal 3673c5
diff -up cups-2.2.4/scheduler/conf.c.privilege-escalation cups-2.2.4/scheduler/conf.c
Zdenek Dohnal 3673c5
--- cups-2.2.4/scheduler/conf.c.privilege-escalation	2018-07-23 14:19:08.695478342 +0200
Zdenek Dohnal 3673c5
+++ cups-2.2.4/scheduler/conf.c	2018-07-23 14:19:08.713477851 +0200
Zdenek Dohnal 3673c5
@@ -2956,13 +2956,10 @@ read_cupsd_conf(cups_file_t *fp)	/* I -
Zdenek Dohnal 3673c5
 					/* Line from file */
Zdenek Dohnal 3673c5
 			temp[HTTP_MAX_BUFFER],
Zdenek Dohnal 3673c5
 					/* Temporary buffer for value */
Zdenek Dohnal 3673c5
-			*value,		/* Pointer to value */
Zdenek Dohnal 3673c5
-			*valueptr;	/* Pointer into value */
Zdenek Dohnal 3673c5
+			*value;		/* Pointer to value */
Zdenek Dohnal 3673c5
   int			valuelen;	/* Length of value */
Zdenek Dohnal 3673c5
   http_addrlist_t	*addrlist,	/* Address list */
Zdenek Dohnal 3673c5
 			*addr;		/* Current address */
Zdenek Dohnal 3673c5
-  cups_file_t		*incfile;	/* Include file */
Zdenek Dohnal 3673c5
-  char			incname[1024];	/* Include filename */
Zdenek Dohnal 3673c5
 
Zdenek Dohnal 3673c5
 
Zdenek Dohnal 3673c5
  /*
Zdenek Dohnal 3673c5
@@ -2977,28 +2974,7 @@ read_cupsd_conf(cups_file_t *fp)	/* I -
Zdenek Dohnal 3673c5
     * Decode the directive...
Zdenek Dohnal 3673c5
     */
Zdenek Dohnal 3673c5
 
Zdenek Dohnal 3673c5
-    if (!_cups_strcasecmp(line, "Include") && value)
Zdenek Dohnal 3673c5
-    {
Zdenek Dohnal 3673c5
-     /*
Zdenek Dohnal 3673c5
-      * Include filename
Zdenek Dohnal 3673c5
-      */
Zdenek Dohnal 3673c5
-
Zdenek Dohnal 3673c5
-      if (value[0] == '/')
Zdenek Dohnal 3673c5
-        strlcpy(incname, value, sizeof(incname));
Zdenek Dohnal 3673c5
-      else
Zdenek Dohnal 3673c5
-        snprintf(incname, sizeof(incname), "%s/%s", ServerRoot, value);
Zdenek Dohnal 3673c5
-
Zdenek Dohnal 3673c5
-      if ((incfile = cupsFileOpen(incname, "rb")) == NULL)
Zdenek Dohnal 3673c5
-        cupsdLogMessage(CUPSD_LOG_ERROR,
Zdenek Dohnal 3673c5
-	                "Unable to include config file \"%s\" - %s",
Zdenek Dohnal 3673c5
-	                incname, strerror(errno));
Zdenek Dohnal 3673c5
-      else
Zdenek Dohnal 3673c5
-      {
Zdenek Dohnal 3673c5
-        read_cupsd_conf(incfile);
Zdenek Dohnal 3673c5
-	cupsFileClose(incfile);
Zdenek Dohnal 3673c5
-      }
Zdenek Dohnal 3673c5
-    }
Zdenek Dohnal 3673c5
-    else if (!_cups_strcasecmp(line, "
Zdenek Dohnal 3673c5
+    if (!_cups_strcasecmp(line, "
Zdenek Dohnal 3673c5
     {
Zdenek Dohnal 3673c5
      /*
Zdenek Dohnal 3673c5
       * <Location path>
Zdenek Dohnal 3673c5
@@ -3376,31 +3352,6 @@ read_cupsd_conf(cups_file_t *fp)	/* I -
Zdenek Dohnal 3673c5
 	cupsdLogMessage(CUPSD_LOG_WARN, "Unknown ServerTokens %s on line %d of %s.",
Zdenek Dohnal 3673c5
                         value, linenum, ConfigurationFile);
Zdenek Dohnal 3673c5
     }
Zdenek Dohnal 3673c5
-    else if (!_cups_strcasecmp(line, "PassEnv") && value)
Zdenek Dohnal 3673c5
-    {
Zdenek Dohnal 3673c5
-     /*
Zdenek Dohnal 3673c5
-      * PassEnv variable [... variable]
Zdenek Dohnal 3673c5
-      */
Zdenek Dohnal 3673c5
-
Zdenek Dohnal 3673c5
-      for (; *value;)
Zdenek Dohnal 3673c5
-      {
Zdenek Dohnal 3673c5
-        for (valuelen = 0; value[valuelen]; valuelen ++)
Zdenek Dohnal 3673c5
-	  if (_cups_isspace(value[valuelen]) || value[valuelen] == ',')
Zdenek Dohnal 3673c5
-	    break;
Zdenek Dohnal 3673c5
-
Zdenek Dohnal 3673c5
-        if (value[valuelen])
Zdenek Dohnal 3673c5
-        {
Zdenek Dohnal 3673c5
-	  value[valuelen] = '\0';
Zdenek Dohnal 3673c5
-	  valuelen ++;
Zdenek Dohnal 3673c5
-	}
Zdenek Dohnal 3673c5
-
Zdenek Dohnal 3673c5
-        cupsdSetEnv(value, NULL);
Zdenek Dohnal 3673c5
-
Zdenek Dohnal 3673c5
-        for (value += valuelen; *value; value ++)
Zdenek Dohnal 3673c5
-	  if (!_cups_isspace(*value) || *value != ',')
Zdenek Dohnal 3673c5
-	    break;
Zdenek Dohnal 3673c5
-      }
Zdenek Dohnal 3673c5
-    }
Zdenek Dohnal 3673c5
     else if (!_cups_strcasecmp(line, "ServerAlias") && value)
Zdenek Dohnal 3673c5
     {
Zdenek Dohnal 3673c5
      /*
Zdenek Dohnal 3673c5
@@ -3429,30 +3380,6 @@ read_cupsd_conf(cups_file_t *fp)	/* I -
Zdenek Dohnal 3673c5
 	    break;
Zdenek Dohnal 3673c5
       }
Zdenek Dohnal 3673c5
     }
Zdenek Dohnal 3673c5
-    else if (!_cups_strcasecmp(line, "SetEnv") && value)
Zdenek Dohnal 3673c5
-    {
Zdenek Dohnal 3673c5
-     /*
Zdenek Dohnal 3673c5
-      * SetEnv variable value
Zdenek Dohnal 3673c5
-      */
Zdenek Dohnal 3673c5
-
Zdenek Dohnal 3673c5
-      for (valueptr = value; *valueptr && !isspace(*valueptr & 255); valueptr ++);
Zdenek Dohnal 3673c5
-
Zdenek Dohnal 3673c5
-      if (*valueptr)
Zdenek Dohnal 3673c5
-      {
Zdenek Dohnal 3673c5
-       /*
Zdenek Dohnal 3673c5
-        * Found a value...
Zdenek Dohnal 3673c5
-	*/
Zdenek Dohnal 3673c5
-
Zdenek Dohnal 3673c5
-        while (isspace(*valueptr & 255))
Zdenek Dohnal 3673c5
-	  *valueptr++ = '\0';
Zdenek Dohnal 3673c5
-
Zdenek Dohnal 3673c5
-        cupsdSetEnv(value, valueptr);
Zdenek Dohnal 3673c5
-      }
Zdenek Dohnal 3673c5
-      else
Zdenek Dohnal 3673c5
-        cupsdLogMessage(CUPSD_LOG_ERROR,
Zdenek Dohnal 3673c5
-	                "Missing value for SetEnv directive on line %d of %s.",
Zdenek Dohnal 3673c5
-	                linenum, ConfigurationFile);
Zdenek Dohnal 3673c5
-    }
Zdenek Dohnal 3673c5
     else if (!_cups_strcasecmp(line, "AccessLog") ||
Zdenek Dohnal 3673c5
              !_cups_strcasecmp(line, "CacheDir") ||
Zdenek Dohnal 3673c5
              !_cups_strcasecmp(line, "ConfigFilePerm") ||
Zdenek Dohnal 3673c5
@@ -3466,6 +3393,7 @@ read_cupsd_conf(cups_file_t *fp)	/* I -
Zdenek Dohnal 3673c5
              !_cups_strcasecmp(line, "LogFilePerm") ||
Zdenek Dohnal 3673c5
              !_cups_strcasecmp(line, "LPDConfigFile") ||
Zdenek Dohnal 3673c5
              !_cups_strcasecmp(line, "PageLog") ||
Zdenek Dohnal 3673c5
+             !_cups_strcasecmp(line, "PassEnv") ||
Zdenek Dohnal 3673c5
              !_cups_strcasecmp(line, "Printcap") ||
Zdenek Dohnal 3673c5
              !_cups_strcasecmp(line, "PrintcapFormat") ||
Zdenek Dohnal 3673c5
              !_cups_strcasecmp(line, "RemoteRoot") ||
Zdenek Dohnal 3673c5
@@ -3475,6 +3403,7 @@ read_cupsd_conf(cups_file_t *fp)	/* I -
Zdenek Dohnal 3673c5
              !_cups_strcasecmp(line, "ServerKey") ||
Zdenek Dohnal 3673c5
              !_cups_strcasecmp(line, "ServerKeychain") ||
Zdenek Dohnal 3673c5
              !_cups_strcasecmp(line, "ServerRoot") ||
Zdenek Dohnal 3673c5
+             !_cups_strcasecmp(line, "SetEnv") ||
Zdenek Dohnal 3673c5
              !_cups_strcasecmp(line, "SMBConfigFile") ||
Zdenek Dohnal 3673c5
              !_cups_strcasecmp(line, "StateDir") ||
Zdenek Dohnal 3673c5
              !_cups_strcasecmp(line, "SystemGroup") ||
Zdenek Dohnal 3673c5
@@ -3504,10 +3433,49 @@ read_cupsd_conf(cups_file_t *fp)	/* I -
Zdenek Dohnal 3673c5
 static int				/* O - 1 on success, 0 on failure */
Zdenek Dohnal 3673c5
 read_cups_files_conf(cups_file_t *fp)	/* I - File to read from */
Zdenek Dohnal 3673c5
 {
Zdenek Dohnal 3673c5
-  int		linenum;		/* Current line number */
Zdenek Dohnal 3673c5
+  int		i,			/* Looping var */
Zdenek Dohnal 3673c5
+		linenum;		/* Current line number */
Zdenek Dohnal 3673c5
   char		line[HTTP_MAX_BUFFER],	/* Line from file */
Zdenek Dohnal 3673c5
 		*value;			/* Value from line */
Zdenek Dohnal 3673c5
   struct group	*group;			/* Group */
Zdenek Dohnal 3673c5
+  static const char * const prohibited_env[] =
Zdenek Dohnal 3673c5
+  {					/* Prohibited environment variables */
Zdenek Dohnal 3673c5
+    "APPLE_LANGUAGE",
Zdenek Dohnal 3673c5
+    "AUTH_DOMAIN",
Zdenek Dohnal 3673c5
+    "AUTH_INFO_REQUIRED",
Zdenek Dohnal 3673c5
+    "AUTH_NEGOTIATE",
Zdenek Dohnal 3673c5
+    "AUTH_PASSWORD",
Zdenek Dohnal 3673c5
+    "AUTH_UID",
Zdenek Dohnal 3673c5
+    "AUTH_USERNAME",
Zdenek Dohnal 3673c5
+    "CHARSET",
Zdenek Dohnal 3673c5
+    "CLASS",
Zdenek Dohnal 3673c5
+    "CLASSIFICATION",
Zdenek Dohnal 3673c5
+    "CONTENT_TYPE",
Zdenek Dohnal 3673c5
+    "CUPS_CACHEDIR",
Zdenek Dohnal 3673c5
+    "CUPS_DATADIR",
Zdenek Dohnal 3673c5
+    "CUPS_DOCROOT",
Zdenek Dohnal 3673c5
+    "CUPS_FILETYPE",
Zdenek Dohnal 3673c5
+    "CUPS_FONTPATH",
Zdenek Dohnal 3673c5
+    "CUPS_MAX_MESSAGE",
Zdenek Dohnal 3673c5
+    "CUPS_REQUESTROOT",
Zdenek Dohnal 3673c5
+    "CUPS_SERVERBIN",
Zdenek Dohnal 3673c5
+    "CUPS_SERVERROOT",
Zdenek Dohnal 3673c5
+    "CUPS_STATEDIR",
Zdenek Dohnal 3673c5
+    "DEVICE_URI",
Zdenek Dohnal 3673c5
+    "FINAL_CONTENT_TYPE",
Zdenek Dohnal 3673c5
+    "HOME",
Zdenek Dohnal 3673c5
+    "LANG",
Zdenek Dohnal 3673c5
+    "PPD",
Zdenek Dohnal 3673c5
+    "PRINTER",
Zdenek Dohnal 3673c5
+    "PRINTER_INFO",
Zdenek Dohnal 3673c5
+    "PRINTER_LOCATION",
Zdenek Dohnal 3673c5
+    "PRINTER_STATE_REASONS",
Zdenek Dohnal 3673c5
+    "RIP_CACHE",
Zdenek Dohnal 3673c5
+    "SERVER_ADMIN",
Zdenek Dohnal 3673c5
+    "SOFTWARE",
Zdenek Dohnal 3673c5
+    "TMPDIR",
Zdenek Dohnal 3673c5
+    "USER"
Zdenek Dohnal 3673c5
+  };
Zdenek Dohnal 3673c5
 
Zdenek Dohnal 3673c5
 
Zdenek Dohnal 3673c5
  /*
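Review bot: The `prohibited_env` table carries only the comment `/* Prohibited environment variables */`, which does not say where the names come from or what has to be updated alongside it. Going by the man-page text added in this patch, these look like the variables the scheduler itself sets for filters and backends, so a header comment such as `/* Variables cupsd sets for filters/backends; keep in sync with the code that builds the child environment */` would tell a maintainer when to extend it. The table is a denylist of exact names: loader variables such as `LD_PRELOAD` and `LD_LIBRARY_PATH` are not in it and are still passed through by test/run-stp-tests.sh in this same patch, so the protection depends on cups-files.conf being writable only by the administrator. The body of read_cups_files_conf continues outside the hunk.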
Zdenek Dohnal 3673c5
@@ -3545,6 +3513,47 @@ read_cups_files_conf(cups_file_t *fp)	/*
Zdenek Dohnal 3673c5
 	}
Zdenek Dohnal 3673c5
       }
Zdenek Dohnal 3673c5
     }
Zdenek Dohnal 3673c5
+    else if (!_cups_strcasecmp(line, "PassEnv") && value)
Zdenek Dohnal 3673c5
+    {
Zdenek Dohnal 3673c5
+     /*
Zdenek Dohnal 3673c5
+      * PassEnv variable [... variable]
Zdenek Dohnal 3673c5
+      */
Zdenek Dohnal 3673c5
+
Zdenek Dohnal 3673c5
+      int valuelen;			/* Length of variable name */
Zdenek Dohnal 3673c5
+
Zdenek Dohnal 3673c5
+      for (; *value;)
Zdenek Dohnal 3673c5
+      {
Zdenek Dohnal 3673c5
+        for (valuelen = 0; value[valuelen]; valuelen ++)
Zdenek Dohnal 3673c5
+	  if (_cups_isspace(value[valuelen]) || value[valuelen] == ',')
Zdenek Dohnal 3673c5
+	    break;
Zdenek Dohnal 3673c5
+
Zdenek Dohnal 3673c5
+        if (value[valuelen])
Zdenek Dohnal 3673c5
+        {
Zdenek Dohnal 3673c5
+	  value[valuelen] = '\0';
Zdenek Dohnal 3673c5
+	  valuelen ++;
Zdenek Dohnal 3673c5
+	}
Zdenek Dohnal 3673c5
+
Zdenek Dohnal 3673c5
+        for (i = 0; i < (int)(sizeof(prohibited_env) / sizeof(prohibited_env[0])); i ++)
Zdenek Dohnal 3673c5
+        {
Zdenek Dohnal 3673c5
+          if (!strcmp(value, prohibited_env[i]))
Zdenek Dohnal 3673c5
+          {
Zdenek Dohnal 3673c5
+	    cupsdLogMessage(CUPSD_LOG_ERROR, "Environment variable \"%s\" cannot be passed through on line %d of %s.", value, linenum, CupsFilesFile);
Zdenek Dohnal 3673c5
+
Zdenek Dohnal 3673c5
+	    if (FatalErrors & CUPSD_FATAL_CONFIG)
Zdenek Dohnal 3673c5
+	      return (0);
Zdenek Dohnal 3673c5
+	    else
Zdenek Dohnal 3673c5
+	      break;
Zdenek Dohnal 3673c5
+          }
Zdenek Dohnal 3673c5
+	}
Zdenek Dohnal 3673c5
+
Zdenek Dohnal 3673c5
+        if (i >= (int)(sizeof(prohibited_env) / sizeof(prohibited_env[0])))
Zdenek Dohnal 3673c5
+          cupsdSetEnv(value, NULL);
Zdenek Dohnal 3673c5
+
Zdenek Dohnal 3673c5
+        for (value += valuelen; *value; value ++)
Zdenek Dohnal 3673c5
+	  if (!_cups_isspace(*value) || *value != ',')
Zdenek Dohnal 3673c5
+	    break;
Zdenek Dohnal 3673c5
+      }
Zdenek Dohnal 3673c5
+    }
Zdenek Dohnal 3673c5
     else if (!_cups_strcasecmp(line, "PrintcapFormat") && value)
Zdenek Dohnal 3673c5
     {
Zdenek Dohnal 3673c5
      /*
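Review bot: The separator-skipping loop at the end of the new PassEnv block tests `!_cups_isspace(*value) || *value != ','`, which is true for every character, so it breaks on the first one and never skips anything. With a line such as `PassEnv A, B` the next pass finds a separator at index 0, terminates the string there, and an empty name goes through the prohibited-list check and on to `cupsdSetEnv("", NULL)`. The condition should be `if (!_cups_isspace(*value) && *value != ',')`. The same expression is in the PassEnv code this patch removes from read_cupsd_conf, so it is carried over rather than introduced here.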
Zdenek Dohnal 3673c5
@@ -3590,6 +3599,46 @@ read_cups_files_conf(cups_file_t *fp)	/*
Zdenek Dohnal 3673c5
           return (0);
Zdenek Dohnal 3673c5
       }
Zdenek Dohnal 3673c5
     }
Zdenek Dohnal 3673c5
+    else if (!_cups_strcasecmp(line, "SetEnv") && value)
Zdenek Dohnal 3673c5
+    {
Zdenek Dohnal 3673c5
+     /*
Zdenek Dohnal 3673c5
+      * SetEnv variable value
Zdenek Dohnal 3673c5
+      */
Zdenek Dohnal 3673c5
+
Zdenek Dohnal 3673c5
+      char *valueptr;			/* Pointer to environment variable value */
Zdenek Dohnal 3673c5
+
Zdenek Dohnal 3673c5
+      for (valueptr = value; *valueptr && !isspace(*valueptr & 255); valueptr ++);
Zdenek Dohnal 3673c5
+
Zdenek Dohnal 3673c5
+      if (*valueptr)
Zdenek Dohnal 3673c5
+      {
Zdenek Dohnal 3673c5
+       /*
Zdenek Dohnal 3673c5
+        * Found a value...
Zdenek Dohnal 3673c5
+	*/
Zdenek Dohnal 3673c5
+
Zdenek Dohnal 3673c5
+        while (isspace(*valueptr & 255))
Zdenek Dohnal 3673c5
+	  *valueptr++ = '\0';
Zdenek Dohnal 3673c5
+
Zdenek Dohnal 3673c5
+        for (i = 0; i < (int)(sizeof(prohibited_env) / sizeof(prohibited_env[0])); i ++)
Zdenek Dohnal 3673c5
+        {
Zdenek Dohnal 3673c5
+          if (!strcmp(value, prohibited_env[i]))
Zdenek Dohnal 3673c5
+          {
Zdenek Dohnal 3673c5
+	    cupsdLogMessage(CUPSD_LOG_ERROR, "Environment variable \"%s\" cannot be set  on line %d of %s.", value, linenum, CupsFilesFile);
Zdenek Dohnal 3673c5
+
Zdenek Dohnal 3673c5
+	    if (FatalErrors & CUPSD_FATAL_CONFIG)
Zdenek Dohnal 3673c5
+	      return (0);
Zdenek Dohnal 3673c5
+	    else
Zdenek Dohnal 3673c5
+	      break;
Zdenek Dohnal 3673c5
+          }
Zdenek Dohnal 3673c5
+	}
Zdenek Dohnal 3673c5
+
Zdenek Dohnal 3673c5
+        if (i >= (int)(sizeof(prohibited_env) / sizeof(prohibited_env[0])))
Zdenek Dohnal 3673c5
+	  cupsdSetEnv(value, valueptr);
Zdenek Dohnal 3673c5
+      }
Zdenek Dohnal 3673c5
+      else
Zdenek Dohnal 3673c5
+        cupsdLogMessage(CUPSD_LOG_ERROR,
Zdenek Dohnal 3673c5
+	                "Missing value for SetEnv directive on line %d of %s.",
Zdenek Dohnal 3673c5
+	                linenum, ConfigurationFile);
Zdenek Dohnal 3673c5
+    }
Zdenek Dohnal 3673c5
     else if (!_cups_strcasecmp(line, "SystemGroup") && value)
Zdenek Dohnal 3673c5
     {
Zdenek Dohnal 3673c5
      /*
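Review bot: The "Missing value for SetEnv directive" message in the new SetEnv block reports `ConfigurationFile`, while the prohibited-variable message a few lines above it reports `CupsFilesFile`; because this is read_cups_files_conf, the former points the administrator at the wrong file. The argument line should read `linenum, CupsFilesFile);`. The missing-value path also does not consult `FatalErrors & CUPSD_FATAL_CONFIG` the way the prohibited-name path does, which may be intended but deserves a comment, and the string `cannot be set  on line` contains a doubled space. The lookup loop over `prohibited_env` is repeated verbatim from the PassEnv block and could live in one static helper.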
Zdenek Dohnal 3673c5
diff -up cups-2.2.4/scheduler/job.c.privilege-escalation cups-2.2.4/scheduler/job.c
Zdenek Dohnal 3673c5
--- cups-2.2.4/scheduler/job.c.privilege-escalation	2018-07-23 14:19:08.698478261 +0200
Zdenek Dohnal 3673c5
+++ cups-2.2.4/scheduler/job.c	2018-07-23 14:19:08.715477797 +0200
Zdenek Dohnal 3673c5
@@ -4981,6 +4981,18 @@ start_job(cupsd_job_t     *job,		/* I -
Zdenek Dohnal 3673c5
   job->profile  = cupsdCreateProfile(job->id, 0);
Zdenek Dohnal 3673c5
   job->bprofile = cupsdCreateProfile(job->id, 1);
Zdenek Dohnal 3673c5
 
Zdenek Dohnal 3673c5
+#ifdef HAVE_SANDBOX_H
Zdenek Dohnal 3673c5
+  if ((!job->profile || !job->bprofile) && UseSandboxing && Sandboxing != CUPSD_SANDBOXING_OFF)
Zdenek Dohnal 3673c5
+  {
Zdenek Dohnal 3673c5
+   /*
Zdenek Dohnal 3673c5
+    * Failure to create the sandbox profile means something really bad has
Zdenek Dohnal 3673c5
+    * happened and we need to shutdown immediately.
Zdenek Dohnal 3673c5
+    */
Zdenek Dohnal 3673c5
+
Zdenek Dohnal 3673c5
+    return;
Zdenek Dohnal 3673c5
+  }
Zdenek Dohnal 3673c5
+#endif /* HAVE_SANDBOX_H */
Zdenek Dohnal 3673c5
+
Zdenek Dohnal 3673c5
  /*
Zdenek Dohnal 3673c5
   * Create the status pipes and buffer...
Zdenek Dohnal 3673c5
   */
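Review bot: The added comment says the scheduler needs to "shutdown immediately", but the block itself only executes `return;`. The shutdown is requested elsewhere, by the `kill(getpid(), SIGTERM)` this patch adds to the temp-file failure path of cupsdCreateProfile in scheduler/process.c. Saying so in the comment, e.g. `/* cupsdCreateProfile() has already sent SIGTERM; never start the job without a sandbox profile */`, keeps a reader from taking the bare return for the safety measure. If only one of `job->profile` and `job->bprofile` failed, the other is left in place, and whatever start_job set up before this point (outside the hunk) is not unwound; that is probably acceptable during shutdown but should be confirmed. The same gap between comment and code applies to the matching block added to cupsdStartServer in scheduler/server.c.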
Zdenek Dohnal 3673c5
diff -up cups-2.2.4/scheduler/process.c.privilege-escalation cups-2.2.4/scheduler/process.c
Zdenek Dohnal 3673c5
--- cups-2.2.4/scheduler/process.c.privilege-escalation	2017-06-30 17:44:38.000000000 +0200
Zdenek Dohnal 3673c5
+++ cups-2.2.4/scheduler/process.c	2018-07-23 14:19:08.715477797 +0200
Zdenek Dohnal 3673c5
@@ -99,9 +99,13 @@ cupsdCreateProfile(int job_id,		/* I - J
Zdenek Dohnal 3673c5
 
Zdenek Dohnal 3673c5
   if ((fp = cupsTempFile2(profile, sizeof(profile))) == NULL)
Zdenek Dohnal 3673c5
   {
Zdenek Dohnal 3673c5
+   /*
Zdenek Dohnal 3673c5
+    * This should never happen, and is fatal when sandboxing is enabled.
Zdenek Dohnal 3673c5
+    */
Zdenek Dohnal 3673c5
+
Zdenek Dohnal 3673c5
     cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d, allow_networking=%d) = NULL", job_id, allow_networking);
Zdenek Dohnal 3673c5
-    cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to create security profile: %s",
Zdenek Dohnal 3673c5
-                    strerror(errno));
Zdenek Dohnal 3673c5
+    cupsdLogMessage(CUPSD_LOG_EMERG, "Unable to create security profile: %s", strerror(errno));
Zdenek Dohnal 3673c5
+    kill(getpid(), SIGTERM);
Zdenek Dohnal 3673c5
     return (NULL);
Zdenek Dohnal 3673c5
   }
Zdenek Dohnal 3673c5
 
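Review bot: `strerror(errno)` in the new `CUPSD_LOG_EMERG` call is evaluated after the preceding `cupsdLogMessage(CUPSD_LOG_DEBUG2, ...)` call, which may itself change `errno`, so the logged reason can differ from the reason cupsTempFile2 failed. Capture the value first with `int saved_errno = errno;` and log `strerror(saved_errno)`. The new comment says the failure is fatal "when sandboxing is enabled", yet `kill(getpid(), SIGTERM)` is unconditional inside this branch. Whether an earlier check returns before this point when sandboxing is off lies outside the hunk and should be confirmed.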
Zdenek Dohnal 3673c5
@@ -198,10 +202,8 @@ cupsdCreateProfile(int job_id,		/* I - J
Zdenek Dohnal 3673c5
 		 " #\"^%s/\""		/* TempDir/... */
Zdenek Dohnal 3673c5
 		 " #\"^%s$\""		/* CacheDir */
Zdenek Dohnal 3673c5
 		 " #\"^%s/\""		/* CacheDir/... */
Zdenek Dohnal 3673c5
-		 " #\"^%s$\""		/* StateDir */
Zdenek Dohnal 3673c5
-		 " #\"^%s/\""		/* StateDir/... */
Zdenek Dohnal 3673c5
 		 "))\n",
Zdenek Dohnal 3673c5
-		 temp, temp, cache, cache, state, state);
Zdenek Dohnal 3673c5
+		 temp, temp, cache, cache);
Zdenek Dohnal 3673c5
   /* Read common folders */
Zdenek Dohnal 3673c5
   cupsFilePrintf(fp,
Zdenek Dohnal 3673c5
                  "(allow file-read-data file-read-metadata\n"
Zdenek Dohnal 3673c5
@@ -243,8 +245,10 @@ cupsdCreateProfile(int job_id,		/* I - J
Zdenek Dohnal 3673c5
 		 " #\"^%s/\""		/* ServerBin/... */
Zdenek Dohnal 3673c5
 		 " #\"^%s$\""		/* ServerRoot */
Zdenek Dohnal 3673c5
 		 " #\"^%s/\""		/* ServerRoot/... */
Zdenek Dohnal 3673c5
+		 " #\"^%s$\""		/* StateDir */
Zdenek Dohnal 3673c5
+		 " #\"^%s/\""		/* StateDir/... */
Zdenek Dohnal 3673c5
 		 "))\n",
Zdenek Dohnal 3673c5
-		 request, request, bin, bin, root, root);
Zdenek Dohnal 3673c5
+		 request, request, bin, bin, root, root, state, state);
Zdenek Dohnal 3673c5
   if (Sandboxing == CUPSD_SANDBOXING_RELAXED)
Zdenek Dohnal 3673c5
   {
Zdenek Dohnal 3673c5
     /* Limited write access to /Library/Printers/... */
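Review bot: Neither this hunk nor the one at -198 records why the two `StateDir` patterns move from the TempDir/CacheDir list to the RequestRoot/ServerBin/ServerRoot list, and the rule headers that give each list its meaning are outside both hunks. A comment beside the added lines stating which access the move takes away from filters and backends would stop the entries from being moved back in a later cleanup. The format strings also begin outside the hunks, so the number of `%s` conversions cannot be checked from here against the new argument lists `temp, temp, cache, cache` and `request, request, bin, bin, root, root, state, state`; that count is worth verifying whenever these lists change.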
Zdenek Dohnal 3673c5
diff -up cups-2.2.4/scheduler/server.c.privilege-escalation cups-2.2.4/scheduler/server.c
Zdenek Dohnal 3673c5
--- cups-2.2.4/scheduler/server.c.privilege-escalation	2017-06-30 17:44:38.000000000 +0200
Zdenek Dohnal 3673c5
+++ cups-2.2.4/scheduler/server.c	2018-07-23 14:19:08.715477797 +0200
Zdenek Dohnal 3673c5
@@ -38,16 +38,28 @@ void
Zdenek Dohnal 3673c5
 cupsdStartServer(void)
Zdenek Dohnal 3673c5
 {
Zdenek Dohnal 3673c5
  /*
Zdenek Dohnal 3673c5
-  * Start color management (as needed)...
Zdenek Dohnal 3673c5
+  * Create the default security profile...
Zdenek Dohnal 3673c5
   */
Zdenek Dohnal 3673c5
 
Zdenek Dohnal 3673c5
-  cupsdStartColor();
Zdenek Dohnal 3673c5
+  DefaultProfile = cupsdCreateProfile(0, 1);
Zdenek Dohnal 3673c5
+
Zdenek Dohnal 3673c5
+#ifdef HAVE_SANDBOX_H
Zdenek Dohnal 3673c5
+  if (!DefaultProfile && UseSandboxing && Sandboxing != CUPSD_SANDBOXING_OFF)
Zdenek Dohnal 3673c5
+  {
Zdenek Dohnal 3673c5
+   /*
Zdenek Dohnal 3673c5
+    * Failure to create the sandbox profile means something really bad has
Zdenek Dohnal 3673c5
+    * happened and we need to shutdown immediately.
Zdenek Dohnal 3673c5
+    */
Zdenek Dohnal 3673c5
+
Zdenek Dohnal 3673c5
+    return;
Zdenek Dohnal 3673c5
+  }
Zdenek Dohnal 3673c5
+#endif /* HAVE_SANDBOX_H */
Zdenek Dohnal 3673c5
 
Zdenek Dohnal 3673c5
  /*
Zdenek Dohnal 3673c5
-  * Create the default security profile...
Zdenek Dohnal 3673c5
+  * Start color management (as needed)...
Zdenek Dohnal 3673c5
   */
Zdenek Dohnal 3673c5
 
Zdenek Dohnal 3673c5
-  DefaultProfile = cupsdCreateProfile(0, 1);
Zdenek Dohnal 3673c5
+  cupsdStartColor();
Zdenek Dohnal 3673c5
 
Zdenek Dohnal 3673c5
  /*
Zdenek Dohnal 3673c5
   * Startup all the networking stuff...
Zdenek Dohnal 3673c5
diff -up cups-2.2.4/test/run-stp-tests.sh.privilege-escalation cups-2.2.4/test/run-stp-tests.sh
Zdenek Dohnal 3673c5
--- cups-2.2.4/test/run-stp-tests.sh.privilege-escalation	2017-06-30 17:44:38.000000000 +0200
Zdenek Dohnal 3673c5
+++ cups-2.2.4/test/run-stp-tests.sh	2018-07-23 14:19:08.715477797 +0200
Zdenek Dohnal 3673c5
@@ -490,11 +490,6 @@ StrictConformance Yes
Zdenek Dohnal 3673c5
 Browsing Off
Zdenek Dohnal 3673c5
 Listen localhost:$port
Zdenek Dohnal 3673c5
 Listen $BASE/sock
Zdenek Dohnal 3673c5
-PassEnv DYLD_LIBRARY_PATH
Zdenek Dohnal 3673c5
-PassEnv LD_LIBRARY_PATH
Zdenek Dohnal 3673c5
-PassEnv LD_PRELOAD
Zdenek Dohnal 3673c5
-PassEnv LOCALEDIR
Zdenek Dohnal 3673c5
-PassEnv SHLIB_PATH
Zdenek Dohnal 3673c5
 MaxSubscriptions 3
Zdenek Dohnal 3673c5
 MaxLogSize 0
Zdenek Dohnal 3673c5
 AccessLogLevel actions
Zdenek Dohnal 3673c5
@@ -530,6 +525,12 @@ TempDir $BASE/spool/temp
Zdenek Dohnal 3673c5
 AccessLog $BASE/log/access_log
Zdenek Dohnal 3673c5
 ErrorLog $BASE/log/error_log
Zdenek Dohnal 3673c5
 PageLog $BASE/log/page_log
Zdenek Dohnal 3673c5
+
Zdenek Dohnal 3673c5
+PassEnv DYLD_LIBRARY_PATH
Zdenek Dohnal 3673c5
+PassEnv LD_LIBRARY_PATH
Zdenek Dohnal 3673c5
+PassEnv LD_PRELOAD
Zdenek Dohnal 3673c5
+PassEnv LOCALEDIR
Zdenek Dohnal 3673c5
+PassEnv SHLIB_PATH
Zdenek Dohnal 3673c5
 EOF
Zdenek Dohnal 3673c5
 
Zdenek Dohnal 3673c5
 if test $ssltype != 0 -a `uname` = Darwin; then